Cybersecurity News
A Brisk Private Trade in Zero-Days Widens Their Use
More zero-day exploits coming up for sale by NSO Group and others is democratizing the attack vector and placing them within reach of less sophisticated attackers.
06 April 2020
FBI Threatens ‘Zoom Bombing’ Trolls With Jail Time
The FBI is cracking down on the practice of Zoom bombing, saying the hijacking of web conferences can be punishable by jail time.
06 April 2020
FBI Warns of BEC Dangers
A new PSA warns of attacks launched against users of two popular cloud-based email systems.06 April 2020
Apple Safari Flaws Enable One-Click Webcam Access
The white hat hacker who discovered the vulnerabilities received a $75,000 from Apple's bug-bounty program.
06 April 2020
Government VPN Servers Targeted in Zero-Day Attack
The attacks are being carried out against Chinese government interests worldwide, according to Qihoo 360.
06 April 2020
Mozilla Patches Two Critical Zero-Days in Firefox
The latest release of Firefox brings fixes for two Critical vulnerabilities already seen exploited in the wild.06 April 2020
Why Humans Are Phishing's Weakest Link
And it's not just because they click when they shouldn't... they also leave a trail of clues and details that make them easy to spoof06 April 2020
Why Humans Will Always Be Phishing's Weakest Link
And it's not just because they click when they shouldn't... they also leave a trail of clues and details that make them easy to spoof06 April 2020
Beyond Zoom: How Safe Are Slack and Other Collaboration Apps?
COVID-19’s effect on work footprints has created an unprecedented challenge for IT and security staff. Many departments are scrambling to enable collaboration apps for all -- but without proper security they can be a big risk.
06 April 2020
UK government slams ‘crackpot’ 5G-coronavirus theories following mast arson attacks
Suspected arson attacks have been connected to theories spreading online of 5G as a cause of coronavirus.06 April 2020
What to do you if your phone is lost or stolen
Losing your smartphone can be expensive, but the cost of the device may not be the final price you’ll be paying
The post What to do you if your phone is lost or stolen appeared first on WeLiveSecurity
06 April 2020
DarkHotel hackers use VPN zero-day to breach Chinese government agencies
Targets included government agencies in Beijing and Shanghai and Chinese diplomatic missions abroad.06 April 2020
Russian telco hijacks internet traffic for Google, AWS, Cloudflare, and others
Rostelecom involved in two BGP hijacking incidents this week impacting more than 200 CDNs and cloud providers.05 April 2020
Docker servers targeted by new Kinsing malware campaign
Hackers breach Docker clusters via administrative API ports left exposed online without a password.04 April 2020
Firefox Zero-Day Flaws Exploited in the Wild Get Patched
Mozilla Foundation rushes patches to fix bugs in its browser that could allow for remote code execution.
04 April 2020
12k+ Android apps contain master passwords, secret access keys, secret commands
Comprehensive academic study finds hidden backdoor-like behavior in 6,800 Play Store apps, 1,000 apps from third-party app stores, and almost 4,800 apps pre-installed on user devices.04 April 2020
DOJ says Zoom-bombing is a crime
DOJ officials say Zoom-bombing raids could lead to arrests, fines, and even prison sentences.03 April 2020
Google rolls back Chrome privacy feature due to COVID-19
Google disables SameSite cookie support to prevent any unforseen breakage to sites during the coronavirus outbreak.03 April 2020
Firefox gets fixes for two zero-days exploited in the wild
Mozilla releases Firefox 74.0.1 to patch two bugs exploited by hackers.03 April 2020
Week in security with Tony Anscombe
Staying safe from coronavirus-themed scams – Securing remote desktop connections – The security risks of videoconferencing
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
03 April 2020